We are happy to announce the release of AIP v3.0.0, incorporating some important updates and improvements to our Attacker IP Prioritization (AIP) tool.
Generating Your Own Blocklists with the Stratosphere AIP Framework
In this blog post, we describe how to run AIP on a cloud instance server, to read from Zeek logs and generate your own blocklist feed of IPs to block. The blog is divided into five parts: first, what is AIP; second, we describe how to set up a new cloud server in Digital Ocean; third, how to configure the cloud server with Zeek running; fourth, how to prepare the environment and configurations for AIP to run; and fifth, how to run AIP and generate your own blocklists.